Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 11 Jun 2001 13:19:01 +0300
From:      Nevermind <never@uic-in.net>
To:        "educatee2001" <educatee2001@yahoo.com>
Cc:        "FreeBSD security" <freebsd-security@FreeBSD.ORG>
Subject:   Re: Do you know any open source software which can so these security protection?
Message-ID:  <148140566704.20010611131901@uic-in.net>
In-Reply-To: <002f01c0f25e$a41a5290$0100c8c8@co3018900a>
References:  <002f01c0f25e$a41a5290$0100c8c8@co3018900a>
next in thread | previous in thread | raw e-mail | index | archive | help 
e> I wonder if there is any software in open source and can run in FreeBSd
e> which could do something like the following. I appreciate your recomendation
e> as I am new in BSD world.

e> 2. Warning security system to monitors the TCP/IP ports on your computer and
e> gives an alert when it detects a connection. A TCP/UDP port listenerIt
e> resolves the IP Address of the remote system, via a domain name server,
e> whether you are on the Internet or on a Corporate Network. It logs the date,
e> time, IP address, port number and host used by anyone trying to get into
e> your system
/usr/ports/secutity/snort

e> 3. Software that allow one to manage the ports to open/close in FreeBSD. Say
e> if I need to open certain port in BSD for third party program, how can I do
e> so?
You need to use standard FreeBSD's ipfw. To enable it you should add
to your kernel config following lines:

options         IPFIREWALL
options         IPFIREWALL_VERBOSE
options         IPFIREWALL_VERBOSE_LIMIT=100

and recompile and install new kernel.
Be careful, beacuse default rule for IPFW is "deny ip from any to
any", so you should make your ipfw rulelist before you reboot you
computer. At least add as rule number 100 "allow ip from any to any".
This could be done by setting

firewall_enable="YES"
firewall_type="open"

in your /etc/rc.conf
and after building, installing new kernel (you can find the way you
can do it in handbook) setting above variables in /etc/rc.conf reboot
your computer with new kernel and then start playing with different
allow/pass/deny/reject rules in ipfw.

man ipfw

-- 
 Nevermind                          mailto:never@uic-in.net



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?148140566704.20010611131901>